diff options
Diffstat (limited to 'kpov_judge/scripts/make-arbiter.sh')
| -rwxr-xr-x | kpov_judge/scripts/make-arbiter.sh | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/kpov_judge/scripts/make-arbiter.sh b/kpov_judge/scripts/make-arbiter.sh new file mode 100755 index 0000000..b08944c --- /dev/null +++ b/kpov_judge/scripts/make-arbiter.sh @@ -0,0 +1,95 @@ +#!/bin/sh + +# Create the disk image for arbiter: a gateway with NAT, dnsmasq and +# sshd. The user account test / test is set up to run the test_task +# script for evaluating the given task. The account is also given sudo +# rights to reboot, poweroff, ifconfig, ip and mount. + +set -e + +if [ $# -lt 1 ]; then + echo "usage: ${0} base" + exit 1 +fi + +base="${1}" +name="arbiter" +format="qcow2" + +# WAN on first interface, LAN on second +file_interfaces=\ +'# see interfaces(5) +source /etc/network/interfaces.d/* + +# loopback interface +auto lo +iface lo inet loopback + +# first interface +allow-hotplug ens3 +iface ens3 inet dhcp +allow-hotplug enp0s3 +iface enp0s3 inet dhcp + +# second interface +allow-hotplug ens4 +iface ens4 inet static + address 10.94.94.1/24 +allow-hotplug enp0s8 +iface enp0s8 inet static + address 10.94.94.1/24 +' + +# NAT rules +file_nftables=\ +'table ip nat { + chain prerouting { + type nat hook prerouting priority 0; policy accept; + } + + chain postrouting { + type nat hook postrouting priority 100; policy accept; + oifname "ens3" masquerade + oifname "enp0s3" masquerade + } +} +' + +file_dnsmasq=\ +'interface=ens4 +interface=enp0s8 + +dhcp-range=10.94.94.16,10.94.94.250,12h +' + +file_sudoers=\ +'test ALL = /sbin/reboot +test ALL = /sbin/poweroff +test ALL = NOPASSWD: /bin/ip +test ALL = NOPASSWD: /bin/mount +test ALL = NOPASSWD: /sbin/ifconfig +' + +qemu-img create -f qcow2 -b "${base}" "${name}.${format}" + +virt-customize -a "${name}.${format}" \ + --hostname "${name}" \ + --update \ + --install fortune-mod,fortunes,fortunes-bofh-excuses,python3-pexpect,python3-paramiko,python3-snimpy,python3-yaml \ + --install dnsmasq \ + --install openssh-server \ + --run-command "apt clean" \ + --write /etc/network/interfaces:"${file_interfaces}" \ + --write /etc/nftables.conf:"${file_nftables}" \ + --write /etc/sysctl.d/gateway.conf:"net.ipv4.ip_forward = 1" \ + --run-command "systemctl enable nftables.service" \ + --write /etc/dnsmasq.d/kpov-gw:"${file_dnsmasq}" \ + --run-command "useradd -m -s /bin/bash -p '\$6\$VdV5y2gl\$YxpYuwcVZHSXiv0N4yzmF8PspBeIK8QLdGJZzYFuKRjkfc82DhaS5fQeuOt0q9APDPLeSMTzt8BtxI2Bwo/hH.' test" \ + --write /etc/sudoers.d/kpov-test:"${file_sudoers}" + +## make a sparse diff +#virt-sparsify "${name}.${format}" "${name}x.${format}" +#qemu-img create -f "${format}" -b "${name}x.${format}" "${name}-diff.${format}" +#qemu-img rebase -b "${base}" "${name}-diff.${format}" + +#rm -f "./${name}-install.${format}" |